Upmerge ckeditor update 2020 august #29
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Prevent throwing error when partially selected widget is copied
Disable PfLO in IE 11
…eclared colors from configuration option.
Expose colorbutton#select method
Set z-index of resizer to 10000 or more Fixes these two issues: ckeditor#1959 ckeditor#909
Tableresize not working when editor placed in container with higher z-index values
Fix widget plugin when switching to source mode via custom keystroke.
Ignore unsupported browsers for emoji manual test
Ignore unsupported mobile manual tests
Sync stable branch from CKEditor4 to our fork
# Conflicts: # README.md # config.js # dev/builder/build-config.js # samples/index.html # styles.js
sbrand83
approved these changes
Aug 20, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bring the latest changes from CKEditor into our working branch https://ckeditor.com/cke4/release-notes
CKEditor 4.14.1
Jun 17/2020
Fixed Issues:
ckeditor#2607: Fixed: The Emoji plugin SVG icons file is not loaded in CORS context.
ckeditor#3866: Fixed: The config.readOnly configuration option not considered for startup read-only mode of inline editor.
ckeditor#3931: [IE] Fixed: An error is thrown when pasting using the Paste button after accepting the browser Clipboard Access Prompt dialog.
ckeditor#3938: Fixed: Cannot navigate the Autocomplete panel with the keyboard after switching to source mode.
ckeditor#2823: [IE] Fixed: Cannot resize the last table column using the Table Resize plugin.
ckeditor#909: Fixed: The Table Resize plugin does not work when the editor is placed in an absolutely positioned container. Thanks to Roland Petto!
ckeditor#1959: Fixed: The Table Resize plugin does not work in a maximized editor when the Div Editing Area feature is enabled. Thanks to Roland Petto!
ckeditor#3156: Fixed: Autolink config.autolink_urlRegex and config.autolink_emailRegex options are not customizable. Thanks to Sergiy Dobrovolsky!
ckeditor#624: Fixed: Notification does not work with the bottom toolbar location.
ckeditor#3000: Fixed: Auto Embed does not work with the bottom toolbar location.
ckeditor#1883: Fixed: The editor.resize() method does not work with CSS units.
ckeditor#3926: Fixed: Dragging and dropping a widget sometimes produces an error.
ckeditor#4008: Fixed: Remove Format does not work with a collapsed selection.
ckeditor#3998: Fixed: An error is thrown when switching to the source mode using a custom Ctrl + Enter keystroke with the Widget plugin present.
Other Changes:
CKEditor 4.14.0
Mar 04/2020
Security Updates:
Issue summary: It was possible to execute XSS inside CKEditor after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, and (iii) switch back to WYSIWYG mode or (i) copy the specially crafted HTML code, prepared by the attacker and (ii) paste it into CKEditor in WYSIWYG mode.
Issue summary: It was possible to execute XSS using CKEditor after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, then (iii) switch back to WYSIWYG mode, and (iv) preview CKEditor content outside CKEditor editable area.
An upgrade is highly recommended!
New features:
ckeditor#2374: Added support for pasting rich content from LibreOffice Writer with the Paste from LibreOffice plugin.
ckeditor#2583: Changed emoji suggestion box to show the matched emoji name instead of an ID.
ckeditor#3748: Improved the color button state to reflect the selected editor content colors.
ckeditor#3661: Improved the Print plugin to respect styling rendered by the Preview plugin.
ckeditor#3547: Active dialog tab now has the aria-selected="true" attribute.
ckeditor#3441: Improved widget.getClipboardHtml() support for dragging and dropping multiple widgets.
Fixed Issues:
ckeditor#3587: [Edge, IE] Fixed: Widget with form input elements loses focus during typing.
ckeditor#3705: [Safari] Fixed: Safari incorrectly removes blocks with the editor.extractSelectedHtml() method after selecting all content.
ckeditor#1306: Fixed: The Font plugin creates nested HTML tags when reapplying the same font multiple times.
ckeditor#3498: Fixed: The editor throws an error during the copy operation when a widget is partially selected.
ckeditor#2517: [Chrome, Firefox, Safari] Fixed: Inserting a new image when the selection partially covers an existing enhanced image widget throws an error.
ckeditor#3007: [Chrome, Firefox, Safari] Fixed: Cannot modify the editor content once the selection is released over a widget.
ckeditor#3698: Fixed: Cutting the selected text when a widget is partially selected merges paragraphs.
API Changes:
ckeditor#3387: Added the CKEDITOR.ui.richCombo.select() method.
ckeditor#3727: Added new textColor and bgColor commands that apply the selected color chosen by the Color Button plugin.
ckeditor#3728: Added new font and fontSize commands that apply the selected font style chosen by the Font plugin.
ckeditor#3842: Added the editor.getSelectedRanges() alias.
ckeditor#3775: Widget mask and parts can now be refreshed dynamically via API calls.